Renad Al Majd Saudi Arabia "RMG" signed a strategic partnership agreement with the UK project "AXELOS", to provide its clients in the Kingdom of Saudi Arabia with the best international training programs and internationally recognized certificates in IT services management and project management.

The importance of the agreement for the market in general and the Saudi market, in particular, lies in providing a number of the best training programs and methodologies used globally to develop professionals working mainly in IT services management and project management.

It is worth mentioning that the "AXELOS" project is a joint venture established in 2013 by the British Council of Ministers and Capita Company. The project develops, manages, and operates a number of the best training programs and methodologies used globally to develop professionals primarily engaged in IT services management and project management. , Works in the private, public, and volunteer sectors in more than 150 countries to improve employee skills and competence to make both individuals and organizations work more professionally and effectively.

In our keenness in Renad Al Majd Company to contribute to market development and build strategies in line with the Kingdom's vision (Vision 2030);

We are pleased to announce the signing of a partnership agreement with the "AXELOS" project to provide international training programs and internationally recognized certificates, And to provide the best technology solutions in the Arab markets.

Accordingly, it was agreed with the company "AXELOS" to provide some of its services within the Kingdom of Saudi Arabia, including:

1. ITIL (Information Technology Infrastructure Library):

It is a set of concepts and practices for achieving high-quality IT Service Management (ITSM). It is known that companies with employees possessing advanced certificates in ITIL are pioneers in the development and implementation of IT management services.

ITIL is an internationally recognized certification in the field of information technology, which is supervised by AXELOS. The program contains a series of certificates that qualify for the degree of professionalism in the field of IT services management.

2. Prince2 Certificate in Project Management:

PRINCE2 is the most popular professional project management certification, and reports indicate that PRINCE2 is the most powerful global project management certification, in 2013, more than 158,000 exams were taken!

3. The PRINCE2 Agile Project Management Certification:

It is one of the latest additions to the Project Management Certification Board. As a comprehensive turnkey business solution, allowing focus on management and timely delivery, it blends the principles of Project Management (Prince2) with a flexible delivery framework (Agile).

This might sound like a somewhat strange and contradictory combination, but it can work very well together.

The Prince2 Agile certification is available at two levels: Foundation and Practitioner.

4. Management Successful Program certificate (MSP):

The Management Successful Program (MSP) certificate enhances the ability to organize and manage large projects. It also works to develop your practical skills from designing, planning, and implementing programs for large projects. It is considered one of the strongest internationally recognized certificates in the field of program management.

AXELOS provides three levels of MSP certification, which is the MSP Foundation, the first certification that can be obtained and qualifies for entry into the field of successful program management, the MSP Practitioner Certificate, which you can obtain after obtaining the basic certification, and finally, the certification MSP Advance Practitioner is the top certification in the Axelos Program for Successful Program Management.

5. Management of Value certificate (MoV):

A value management program helps organizations and individuals manage their projects, programs, and services consistently and efficiently. It also guides key principles, processes, techniques, and approaches for all business data.

6. Project, Programs, Portfolios Offices Management certificate (P3O):

The Project, Programs, Portfolio Offices Management (P3O) program gives you an accredited international certificate, the possession of which reflects your interest and familiarity with the basic principles, methodologies, and methods used within the knowledge guide for a certificate. (P3O)

7. Risk Management Certificates (M-o-R),

8. Portfolio Management Certificates MOP.

The agreement also provides for the provision of institutional evaluation services (assessments), and the services that will be provided by Rinad Al Majd Information Technology (RMG) in partnership with AXELOS are:

• ITIL Assessments Model:

The Assessment and Maturity service Model (ITIL) was developed to help organizations better manage their IT services within the ITIL framework. It also contributes to a description of the organization's level of maturity, a plan for how to improve, and the ability to maintain results and track improvement.

• Capacity Maturity Model (P3M3-Maturity Assessments):

P3M3, also known as the "Project and Program Management Maturity Model", is a Management Maturity Model (M3) and a method for measuring an organization's ability to evaluate its projects, programs, and portfolios.

Now, within the Saudi Arabia kingdom companies and organizations, can take benefit from the institutional assessment services and capacity measurement models through Renad Al Majd Information Technology (RMG) representation of the British company AXELOS.

The general manager of Renad Al-Majd Company (RMG),  Mr.Abdul Karim bin Muhareb explained: The partnership with “AXELOS” is a very important addition to the list of companies and institutions that have placed their confidence in the company “RMG” to provide technology services in the Kingdom through his company “Renad Al Majd”, adding:

The services provided by Renad Al Majd are considered the first in the Kingdom.

Mr. Abdul Karim also added, our customers can take the exam directly to obtain the previously mentioned international certificates or register in training programs that qualify you for those certificates, and training programs will be provided by Renad Al Majd (RMG) for Information Technology in partnership with the British company (AXELOS).

And Mr. Abdul Karim: "We always strive to search for the latest technologies that enable our customers to achieve business quality using the most efficient tools, and to provide them with a unique experience that enables them to manage the business by applying best practices to enhance efficiency, effectiveness, governance, and overall quality."

 We have to notice that AXELOS project agreement, comes within a group of services and other agreements entered into by Renad Al Majd Company (RMG) to help companies .develop their business environment to comply with the requirements of the new digital world, and harmonize business with the latest digital technologies in the current technological era.

Renad Al Majd for Information Technology (RMG), in cooperation with Tharwa Human Resources Company, has succeeded in implementing the integrated quality system in the support services department in the Saudi Industrial Development Fund, where four certificates were delivered from the International Organization for Standardization (ISO):

1. ISO Certificate (ISO 9001: 2015) in Quality Management System.
2. ISO certificate (ISO 45001: 2018) in occupational health and safety system.
3. ISO certificate (ISO 14001: 2015) in the environmental management system.
4. ISO certificate (ISO 17100: 2015) certification in translation services management system.

As part of the activities of the ceremony that took place at the headquarters of the Industrial Fund on December 17, 2020, under the generous patronage of the Director of Support Services Department Mr. Bader Al-Saraia.

During the last period, the Saudi Industrial Development Fund continued its Entrepreneurial activity in developing the local industrial sector and keeping pace with the Saudi Kingdom 2030 vision. The application of these specifications is a continuation of the effective role that the administration plays in supporting and strengthening the Saudi industrial sector and in the context of its continuous efforts to provide a healthy and safe work environment that helps to provide services Distinguished for citizens through the governance of its work procedures following international standards.

The department obtained the Integrated Management System certificate after a comprehensive evaluation process and based on multiple criteria to identify internal and external risks and ensure that corrective measures are taken after assessing the quality management system and achieving operational efficiency, which facilitates the discovery and identification of problems on time and taking quick steps to avoid the same errors in the future.

The ISO 9001: 2015 standard deemed/ considered The most famous standard is that it applies to all establishments in various sectors and has several benefits, the most important of which are saving time, reducing expenses, and preserving resources while reducing errors through:

• Review customer and supplier opinions about the level of quality management.
• Forming a specialized team of fund employees and consultants to Renad Al Majd Company and Tharwa Company to implement quality management standards.
• Create a project plan with a training and awareness plan that defines the roles and responsibilities of the team's staff, with a time frame for each stage.
• Coordination between quality management standards and the work nature at the Fund's Support Services Department.
• Developing an integrated training plan in accordance with the methodologies of the British Commission for Auditing (CQI | IRCA).
• Create an awareness plan for the fund.
• Review the department's applied quality management system to ensure continuous performance improvement.

      And the Support Services Department also obtained: Two certificates for occupational safety and environmental management.

The (ISO 45001: 2018) standard is considered the most famous standard in the field of occupational health and safety that creates a sound environment for work by applying all safety and security requirements, ensuring the eligibility of workplaces, and increasing organizational flexibility through proactive risk prevention, innovation, and continuous improvement through:

• Systematically identify external and internal issues, needs, and expectations of employees and other stakeholders.
• Ensure that a balanced professional policy is developed by the Support Services Department with the participation of employees, with a focus on educating the Fund's guests, clients, and suppliers.
• Risk-based thinking as the basis of a management system.
• Expand requirements regarding internal and external communications, including the need to define what, when, and how to report and communicate.
• Increased focus on controlling change, controlling recruitment, supplier, and outsourcing processes.
• Defining goals related to performance evaluation.
• Establish an emergency preparedness and response plan.
• Create a safety plan that defines the responsibilities and authorities for safety in the fund.
• Distributing rules for employee safety, which is a method and methodology that employees adhere to and follow to reduce the possibility of safety and security-related accidents before these accidents cause any injury, disease, or property damage.

The (ISO 14001: 2015) standard is focused on Environmental management, as it seeks to challenge the best way to develop an effective environmental management system while ensuring sustainability in providing distinctive services, thereof:

• Reducing operational costs.
• Optimal environmental use of available resources.
• Improving environmental performance.
• Control of environmental hazards.
• Achieve environmental obligations and global environmental policy requirements.
• Commitment to social responsibilities.
• Enhancing a positive image among stakeholders, beneficiaries, and employees.
• Maintaining environmental knowledge and ensuring effective information delivery.

The (ISO 17100:1015) standard, In turn, helped the Translation Unit in the Support Services Department obtained the Translation Management Certificate.

This standard helps to establish the TRANSLATION SERVICES MANAGEMENT SYSTEM and specifies the requirements for the central procedures necessary for the translation process and other necessary aspects required to provide a quality translation service that matches the international standards applied in the field of translation through:

• Define the concepts related to translation and its services.
• Clarify and document concepts related to translation techniques and workflows.
• Documenting the review and final review.
• Clarify concepts related to people working in translation services.

During the celebration of this occasion, Mr. Bader Al-Sarai said: This certificate is considered one of the distinguished and distinguished accreditations in the world, adding that there are several basic stages for obtaining certificates, which include preparation, review, examination, and training. He pointed out that all procedures were evaluated and corrected at each stage, to complete the basic requirements for accreditation, and he stressed that obtaining certificates in the administration will be entitled to many benefits, the most important of which are:

• Achieving safety and satisfaction of customers, visitors, and workers.
• Improving the fund's image and reducing the accidents that may arise from the risks of the unsafe establishment.

He indicated that obtaining the certificate by an internationally specialized company is considered the first line in maintaining quality management standards that pass an integrated chain of follow-up, monitoring, daily, weekly and monthly audits, through inspection tours, corrective reports, preventive maintenance, and following up on the opinions of the facilities' users, which are indicators Accurate to raise the quality of services provided.

Mr. Bader added that the implementation of the translation management system will ensure the completion of translation projects efficiently and efficiently, dealing with all data and documents, storing, retrieving, archiving, and disposing of them safely and securely through the use of the best translation tools and techniques with the use of international terminology that raises the level of the implemented projects.

      Mr. Thamer Dehaim, project manager, said, “The project started with:

• Evaluate the current situation in the support services department.
• Then starting to form a coherent quality system by establishing systematic work procedures and then applying them to the concerned departments.
• Training of employees on quality systems, by holding several workshops attended by the employees of the units.
• Starting the initial internal audit phase and transferring knowledge to employees to work as internal auditors certified by the British Audit Authority (CQI | IRCA).
• After implementing the Integrated Management System, the Global Grants Company conducted a comprehensive audit and recommended through its Executive council, to granting of international accreditation certificates.

This painstaking work culminated in the honorable honor of the management of the Saudi Industrial Development Fund for the project cadres and the consultant of Renad Al Majd for Information Technology (RMG). In his turn, the General Manager of Renad Al-Majd Company, Mr. Abdul Karim bin Abdul Rahman bin Muhareb, emphasized the importance of the integrated management system as a new and interconnected system to work within the industrial fund and thanked the efforts of all workers in the project.

It is worth noting that the Industrial Fund provides a package of distinguished services (loans and land) to Saudi establishments in the following sectors:

• The mining sector.
• Energy sector.
• Industry sector.
• The logistics sector.

Where the incentive programs launched by the Industrial Fund to meet the needs of the investor vary:

• Afaq motivational program.
• Competitive program.
• Localization program.
• Renewable program.

Renad Al Majed Group (RMG) and Beqaa Al Estora General Trading Company (LLS Group) in Iraq have signed an agreement to exchange experiences, consulting services, specialized training, and ISO standards consulting services.

Based on the strategy of Renad Al Majed Group (RMG) that focuses on expansion in Middle East countries and the desire to transfer and develop information technology in the other countries and support institutions to achieve the desired Objectives and to keep pace with digital transformation development, information technology, information security, Implementation of quality systems also training in order to achieve the  institutional excellence and desired objectives.

The signed agreement includes many Aspects as consulting, training, qualification, examination, evaluation, and adoption it in the following areas:

• International ISO standards
• ITSM
• IT Governance
• CMMI
• Digital Skills Framework (SFIA)
• Software Development Life Cycle (SDLC)
• Organizational change (OCM)
• Project Management (PMO)
• CYBER SECURITY
• Digital Transformation
• The parties have the right to add any other specialties

Renad Al Majed Group (RMG) is a Saudi leader company in of information technology.

Renad Al Majed Group (RMG) has a qualified and Internationally certified team of consultants and experts, with a record of Success and achievements with a largest governmental organization and the private sector also in the Kingdom of Saudi Arabia.

The agreement included many terms and areas in which Renad Al Majed Group (RMG) and Beqaa Al Estora General Trading Company will in the following domains:

• International ISO standards
• IT Governance
• CMMI
• Digital Skills Framework (SFIA)
• Software Development Life Cycle (SDLC)
• Organizational change (OCM)
• Project Management (PMO)
• CYBER SECURITY
• Digital Transformation

Beqaa Al Estora General Trading Company (LLS Group) is one of the leading Iraqi companies in the field of information technology and digital transformation and a Microsoft's global solutions service provider.

The Saudi-Iraqi relations have a achieved a recognized growth in many Business aspects, and the leadership in the two countries has a common desire to enhance this strategic relationship in a manner befitting the historical ties, in the interest of the two brotherly countries. Where the Iraqi Prime Minister chose the Kingdom of Saudi Arabia as the first country to visit after taking office, and the Kingdom of Saudi Arabia celebrated this extremely important visit and a desire to provide all means of success to it is what prompted us in Renad Al Majed Group (RMG) to search for the best distinguished companies in the State of Iraq Sibling to build partnerships and agreements with it and expand our activities there.

Renad Almajed Group (RMG) is the first consulting company to successfully implement the CYBER SECURITY

Renad Almajed Group (RMG) is the first Saudi consulting company that succeeded in implementing the SAMA Cyber Security Framework application project as it implemented it in the Saudi Home Loans (SHL) because of the importance and necessity of this framework to achieve the requirements of the current digital community that has high expectations with experience Flawless customers, constant availability of services and effective protection of sensitive data. The origins of information and online services are now of strategic importance for all public and private institutions, as well as for the wider community.

These services are vital to creating a vibrant digital economy. It has also become systematically important to the economy and broader national security. All this confirms the need to protect sensitive data and transactions, and thus ensure confidence in the Saudi financial sector in general.

Therefore, we find that the Saudi Arabian Monetary Agency (SAMA) is now imposing the adoption of the application of this framework on all (“member organizations”) operating in the field of loans, banks, financial services and insurance in order to identify and effectively address risks related to cyber security to maintain the protection of information assets and services via the Internet.

What is cyber security?

Cyber security is defined as a set of tools, policies, security concepts, security guarantees, guidelines, risk management approaches, procedures, training, best practices, safeguards, and technologies that can be used to protect an organization's information assets from internal and external threats.

General security objectives include:

• Confidentiality - the information assets can only be accessed for persons authorized to access (i.e. protected from unauthorized disclosure or (cancellation) the intended leakage of sensitive data).
• Integrity - the information assets are accurate and complete and properly processed (i.e. protected from unauthorized modification, which may include authenticity and non-repudiation).
• Availability - information assets are flexible and accessible when required (i.e. protected from unauthorized outages).

Therefore, we find that the framework defines the principles and objectives for initiating, implementing, maintaining, monitoring and improving cyber security controls in member organizations. The framework provides cyber security controls that apply to the organization's information assets, including:

• Electronic information.
• Physical information.
• Applications, programs, electronic services and databases.
• Computers and electronic devices (such as ATMs).
• Information storage devices (for example, hard disk, flash drive).
• Buildings, equipment and communication networks (technical infrastructure).

The framework has a correlation with other institutional policies in related areas, such as physical security and fraud management.

Applicability

Where does cyber security apply?

The framework applies to all member organizations organized by the Saudi Arabian Monetary Agency, which include the following:

• All banks operating in the Kingdom of Saudi Arabia.
• All insurance and/or reinsurance companies operating in the Kingdom of Saudi Arabia.
• All finance companies operating in the Kingdom of Saudi Arabia.
• All credit offices operating in the Kingdom of Saudi Arabia.
• Financial market infrastructure

The most important features of cyber security

• Responsibilities

The framework is mandated by the Saudi Arabian Monetary Agency. The monetary agency is the owner and is responsible for the periodic updating of the tire.

Member organizations are responsible for adopting and implementing the framework.

• Explanation

The Saudi Arabian Monetary Agency SAMA, as the framework owner, is solely responsible for providing interpretations of principles, objectives, and control considerations, if necessary.

• The target audience

The framework aims to senior and executive management, business owners, owners of information assets and those responsible for participating in defining, implementing and reviewing cyber security controls within member organizations.

• Audit update and maintenance

The Saudi Arabian Monetary Agency will periodically review the framework to determine the effectiveness of the framework, including the effectiveness of the framework to counter emerging cyber security threats and risks. If possible, the Saudi Arabian Monetary Agency will update the framework based on the audit findings.

If a member organization considers that updating the framework is required, it must provide the required update formally to the Saudi Arabian Monetary Agency. The Saudi Arabian Monetary Agency will review the requested update, and upon approval, the framework will be modified

The frame structure has its advantages

The framework is structured around four main domains, namely

• Cyber Security Leadership and Governance.
• Cyber security risk management and compliance
• Cyber security operations and technology.
• 3rd party cyber security.

For each domain several subdomains are defined. The subdomain focuses on a specific topic of cyber security. For each subdomain, the framework provides for initial, objective and monitoring considerations

The principle summarizes the main set of required cyber security controls related to subdomain.

The target describes the purpose of the principle and what the required set of cyber security controls are expected to achieve.

Monitoring considerations reflect mandatory cyber security controls that must be taken into account. Control considerations are uniquely numbered throughout the tire. Where appropriate, consideration of control can consist of up to 4 levels.

Control considerations are numbered according to the following numbering system:

The figure below shows the general structure of the framework and indicates cyber security and sub-domains, including reference to the applicable section of the framework.

Self-evaluation, review and audit

Self-evaluation, review, and audit

Implementation of the framework in the organization will be subject to periodic self-evaluation. The organization will conduct a self-assessment based on a questionnaire. The Saudi Arabian Monetary Agency will review and review self-assessments to determine the level of compliance with the framework and the maturity level of cyber security in the organization.

Cyber Security Maturity Model

The level of cyber security maturity will be measured with the help of a predefined cyber security maturity model. The cyber security maturity model characterizes 6 maturity levels (0, 1, 2, 3, 4, 5), summarized in the table below. In order to achieve levels 3, 4 or 5, the organization must first meet all the criteria for previous maturity levels.

The objective of the framework is to create an effective approach to addressing cyber security and managing cyber security risks within the financial sector. To achieve an appropriate level of cyber security maturity, member organizations must operate at least at the maturity level 3 or higher as shown below.

Third Maturity Level (3)

Cyber security documents must clearly indicate "why", "what" and "how" cyber security controls should be implemented. Cyber security documents consist of cyber security policies, cyber security standards and cyber security measures.

Cyber security policy must be adopted and delegated by the organization’s council and clarify “why” cyber security is important to the organization. The policy should highlight the origins of the information that must be protected and “what” are the principles and goals of cyber security that must be developed

Based on cyber security policy, cyber security standards must be developed. These "what" standards define what cyber security controls must be implemented, such as security and system standards, separation of duties, password rules, event monitoring and backup and recovery rules. Standards support and enhance cyber security policy and should be considered as baselines of cyber security.

Step-by-step tasks and activities that staff, third parties, or WHO clients should perform in cyber security procedures are detailed. These procedures define "how" cyber security controls, tasks and activities should be implemented in the operating environment and support the protection of the organization's information assets in accordance with cyber security policy and standards.

The process is defined in the context of this framework as an organized set of activities designed to achieve the specified goal. The process may include policies, standards, guidelines, procedures, activities and work instructions, as well as any of the roles, responsibilities, tools and management controls required to reliably deliver outputs.

Actual progress in the implementation, performance, and compliance of cyber security controls should be monitored and evaluated periodically using Key Performance Indicators (KPIs).

Fourth Maturity Level (4)

To achieve the fourth level of maturity, the organization must periodically measure and evaluate the effectiveness of implemented cyber security controls. In order to measure and assess whether cyber security controls are effective, key risk indicators (KRI) must be identified. The KRI indicates an effectiveness measurement criterion and must determine whether the actual outcome of the measurement is less than or is working on or above the target base. KRIs are used to report trends and identify potential improvements.

Fifth Maturity Level (5)

The fifth level of maturity focuses on the continuous improvement of cyber security controls. Continuous improvement is achieved through continuous analysis of the goals and achievements of cyber security and the identification of structural improvements. Cyber security controls must integrate with enterprise risk management practices and be supported by real-time automated monitoring.

Business process owners should be responsible for monitoring compliance with cyber security controls, measuring the effectiveness of cyber security controls, and incorporating cyber security controls within the enterprise risk management framework. Additionally, the performance of cyber security controls must be evaluated using peer and segment data.

We are pleased to serve you by filling in the contact form

RMG get accredited by the International Council of E-Commerce Consultants "EC-Council"

Most organizations face a number of challenges in the business world, from protecting customer results to intellectual property and sensitive information. Given these challenges, cyber security is a necessity, not a luxury.

As a culmination of our cyber security services, we have built partnerships with global cyber security providers. Renad Almajed Group (RMG) has been accredited by the world’s largest technical certification body for cyber security, the International Council of Electronic Commerce Consultants “EC- Council” as an accredited training center.

The Training Portfolio of “EC- Council” includes comprehensive courses on cyber security such as:

• Certified Hacker Ethical
• Supported in network defense
• Master's CEH
• Certified threat Intelligence Analyst (C | TIA)
• Certified Security Analyst from the World Council of Electronic Commerce Advisors (ECSA): Penetration Testing
• Certified Security Analyst from the World Council of E-Commerce Advisors (My work)
• LPT (Master's) Training Program: Advanced Penetration Testing Course
• Global Council of E-Commerce Advisors (V 2) Certified incident Processor

“Our focus is on helping our customers to keep their business safe and globally, by providing the right cyber security training, consulting, and solutions,” said Fayyad Bayan, CEO of Renad Almajed Group (RMG). The reputation of “EC- Council” in expanding the global partner network, to fully manage the certification process, starting with training accreditation, offering a consulting program, and managing the testing process worldwide.”

For more info just contact us